Office365 Securlet Mail events relating to moving an email from an Inbox to another folder

search cancel

Office365 Securlet Mail events relating to moving an email from an Inbox to another folder

book

Article ID: 258913

calendar_today

Updated On:

Products

CASB Security Advanced CASB Advanced Threat Protection CASB Security Standard CASB Security Premium CASB Securlet SAAS CASB Securlet SAAS With DLP-CDS

Issue/Introduction

This article was created to answer the question regarding whether or not CloudSOC will generate a new Incident or 'Rescan' an email when it is moved from a user's O365 Inbox to another Inbox folder.

Environment

O365 + CloudSOC + DLP Enforce

Resolution

• Testing was performed and confirmed that a Rescan of an email does not automatically take place- therefore, a new Incident will not be auto generated.

• Even if the email is moved to a folder before the Securlet has performed a scan, the Securlet will scan the mail at least once.

• Engineering was also engaged to confirm the above conclusion.

Feedback

thumb_up Yes

thumb_down No